Docker Kata 5: Docker Networking
Learn how to list containers, ping between containers, create a user-defined network, and run containers on the network.
Docker uses software-defined networking to provide containers with a means to connect to a network. Software-defined networking uses software, instead of physical devices such as hardware load balancers and routers, to define a TCP/IP network. The Docker Engine provides a set of predefined networks on which to run containers. Administrators can also define custom networks to support a wide variety of network configurations. This kata will demonstrate how to work with Docker networks.
Step 1: List all networks#
First, stop and remove all the containers.
The command to list all Docker networks is given below.
The output will be something like:
Commands
Parameter | Description |
| This is the parent command. |
| This lists all the networks when used with the |
The docker network ls command lists all the defined Docker networks. Docker adds three networks on installation: bridge, host, and none.
The bridge network is the default network on which all containers are run.
The host network is the host’s network adapter. Containers on this network share the host’s network configuration, including IP address.
The none network is a null network. Containers on this network have no network interface.
Step 2: Ping between containers#
The command to run a disconnected NGINX container is given below:
When we run the command above, the output will be something like this:
Commands
Parameter | Description |
| These commands run two disconnected NGINX containers named |
The first two commands run NGINX containers named web1 and web2.
The command to get the IP address for the container is given below.
After executing the command above, the output will be something like this:
Commands
Parameter | Description |
| This is the parent command. |
| This returns detailed information about a container in JSON format. |
| The |
| This indicates a path to a specific attribute in the JSON output. The effect is that only the IP address of the container is returned. |
| This is the name of the container for which to return the IP address. |
These commands demonstrate a method to return the IP address for a container. The -f parameter formats the JSON output. JSON is a hierarchical format, and the {{.NetworkSettings.IPAddress}} template returns only the content of the attribute specified. This method can be used to filter output from inspect for many similar use cases.
The command to install a ping utility inside the container is provided below.
The result of the command above will be something like this:
The command to use docker inspect to get the IP address of the container is given below.
The output will be something like this:
Commands
Parameter | Description |
| This is the parent command. |
| This executes a command within a container. |
[ | This is the name of the container on which to |
| This is a command used to test connectivity to an IP address. Test packets are sent, and if the endpoint is accessible and listening, a response is returned. |
| The |
| This is the command that returns the IP address of a container. The effect is that one container pings the other by IP address. |
These commands ping web1 from web2, then web2 from web1.
These pings are by IP address. The commands in the $() return the IP addresses, as seen in the previous command. They are command substitutions, similar to the commands we’ve been using to stop and remove all the containers. The results show that the pings were successful, meaning that web1 and web2 were able to communicate with each other by IP address over the default bridge network.
The command to execute the ping command is given below.
The result after executing the command above will be something like this:
Commands
Parameter | Description |
| This is the parent command. |
| This executes a command within a container. |
| This is the name of the container on which we |
| This is a command used to test connectivity to an IP address. |
| The |
| This is the name of the |
This final command attempts to ping web2 from web1 by name instead of IP, but this returns an error. The unknown host error indicates that web1 cannot resolve the IP address of web2 by name. The next step will demonstrate how to make name resolution work between containers.
Step 3: Create a user-defined network#
The command to create a user-defined network is provided below.
The output will be something like this:
Commands
Parameter | Description |
| This is the parent command. |
| This creates a new user-defined bridge network when combined with the |
| This is the name assigned to the new network. |
Docker provides a create subcommand used to create user-defined networks. This command creates a new bridge network named mynet.
The command to inspect mynet is given below.
The output after running the command above will be something like this:
Parameter | Description |
| This is the parent command. |
| This returns JSON-formatted detail on a network when used with the |
| This is the name of the network to |
The docker network inspect mynet command returns detailed information on the mynet network created in the previous command.
Step 4: Run containers on a user-defined network#
First, stop and remove all the containers.
The command to start two disconnected NGINX containers is given below.
The result will be something like this:
Commands
Parameter | Description |
| This is the parent command. |
| This runs a new container. |
| This runs a container in disconnected mode. |
| The |
| This assigns a name to the container. |
[ | This is the name assigned to the container. |
| This is the name of the image to run. |
This step demonstrates that using the --net parameter, containers can be run on a designated network. These commands run two NGINX containers on the mynet network.
The command to inspect mynet is given below.
The output of the command above will be something like this:
Commands
Parameter | Description |
| This is the parent command. |
| This returns detailed JSON-formatted information on a network when combined with the |
| This is the name of the network where we return the data. |
This command uses inspect to show the change to the mynet details. Note that the web and web2 containers are listed in the containers collection of the JSON.
The command to execute the ping command is given below.
The output will be something like this:
Commands
Parameter | Description |
| This is the parent command. |
| This runs a command within a container. |
| This is the name of the container within which we run the |
| This sends test packets to an endpoint. |
| This sends three test packets. |
| This is the endpoint name (or IP address). Note that this attempt received a response. |
The last command pings web2 from web1 by name instead of IP address. This is successful because user-defined Docker networks, such as mynet, implement an embedded DNS server. Domain Name Service (DNS) is the mechanism used on the internet to resolve a URL, such as https://www.docker.com, to their IP addresses. Containers that are run on a user-defined bridge network are automatically added to the embedded Docker DNS server. This allows them to resolve each other’s IP addresses by name.
Practice commands#
We’ve given a terminal and table containing a list of commands discussed in this lesson. Try out these commands after running the terminal, and check out the results!
Commands
Step | Command |
This stops and removes all the containers. |
|
This lists all the Docker networks. |
|
This runs a disconnected NGINX container named |
|
This runs a disconnected NGINX container named |
|
This uses |
|
This uses |
|
This installs |
|
This executes the |
|
This executes the |
|
This executes the |
|
This creates a user-defined network called |
|
This inspects |
|
This stops and removes all the containers. |
|
This starts two disconnected NGINX containers, one called |
|
This inspects |
|
This installs |
|
This executes the |
|
Docker Kata 4: Running a Web Server in a Container
Docker Kata 6: Creating Docker Images